Certbot: Difference between revisions
Line 52: | Line 52: | ||
sudo certbot -i apache --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d local.davidl.me -d *.local.davidl.me | sudo certbot -i apache --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d local.davidl.me -d *.local.davidl.me | ||
</pre> | </pre> | ||
==Internal Services== | |||
Certbot allows you to use a DNS challenge to update your IP. So set an A record to your local IP and do the DNS challenge instead of the HTTP challenge. |
Latest revision as of 23:46, 1 February 2021
Certbot is the program by Let's Encrypt to manage your SSL certificates.
Install
See https://certbot.eff.org/instructions
sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository universe sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt install certbot python3-certbot-apache python3-certbot-dns-cloudflare
Usage
# List certificates sudo certbot certificates # Install a certificate sudo certbot --apache -d wiki.davidl.me # Generate a certificate without install sudo certbot certonly --apache -d wiki.davidl.me # Renew all certificates sudo certbot renew # Revoke a certificate sudo certbot revoke --cert-name example.com # Delete a certificate sudo certbot delete --cert-name example.com
Wildcard Certificates
LetsEncrypt requires dns challenges for wildcard certificates. This means you'll need to input your dns information and us a compatible dns for auto-renewals.
Fill out dns creditials in ~/.secrets/certbot/cloudflare.ini
# Cloudflare API credentials used by Certbot dns_cloudflare_email = <email> dns_cloudflare_api_key = <apikey>
# Generate a wildcard certificate sudo certbot -i apache --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d local.davidl.me -d *.local.davidl.me
Internal Services
Certbot allows you to use a DNS challenge to update your IP. So set an A record to your local IP and do the DNS challenge instead of the HTTP challenge.